CAS without CAS login page using restful api and modifiedlogin-webflow.xml

Keith Garry Boyce garry at consultsure.com
Tue Jan 20 17:21:00 EST 2009 

Again. I'd appreciate an answer on this please.

-----Original Message-----
From: Keith Garry Boyce <garry at consultsure.com>
Sent: Saturday, January 17, 2009 8:07 AM
To: 'Yale CAS mailing list' <cas at tp.its.yale.edu>
Subject: RE: CAS without CAS login page using restful api and	modifiedlogin-webflow.xml

Anyone?

> _____________________________________________ 
> From: 	cas-bounces at tp.its.yale.edu
> [mailto:cas-bounces at tp.its.yale.edu]  On Behalf Of Keith Garry Boyce
> Sent:	Friday, January 16, 2009 9:53 AM
> To:	cas at tp.its.yale.edu
> Subject:	CAS without CAS login page using restful api and
> modifiedlogin-webflow.xml
> 
> I wanted to code a JSF application where the login page is a JSF page
> rather than a CAS page. I see this as a use case that cannot be overlooked
> in present day application development.
> 
> I understand that it is discouraged to present credentials to an
> application but an applications security model shouldn't have to be custom
> for every security solution plugged in.
> 
> In my case I'm using spring security as the mechanism to glue the security
> stuff together. If I switch from plain security to CAS security it seems
> that all documentation points to me doing custom things for the login page
> such as iframe etc..
> 
> So here's what I've come up with. I'd appreciate feedback on this
> solution:
> 
> In login-webflow.xml I made it so if ticketGrantingTicketId is passed as a
> parameter on the /cas/login URL then
> Service cookie can be issued directly using the ticketGrantingTicketId. In
> my case I get the ticketGrantingTicketId using the CAS restful api.
> 
> 	<action-state id="initialFlowSetup">
> 		<action bean="initialFlowSetupAction" />
> <!-- garpinc replace -->
> <!--
> 		<transition on="success"
> to="ticketGrantingTicketExistsCheck" />
> -->
> <!-- garpinc with -->
> 		<transition on="success"
> to="ticketGrantingTicketIdExistsCheck" />
> <!-- garpinc end replace -->
> 	</action-state>
> 
> 	<!-- added by garpinc -->
> 	<decision-state id="ticketGrantingTicketIdExistsCheck">
> 		<if test="${requestParameters.ticketGrantingTicketId ==
> null}" then="ticketGrantingTicketExistsCheck"
> else="populateFromRequestParams" />
> 	</decision-state>
> 
> 	<action-state id="populateFromRequestParams">
> 		<set attribute="ticketGranti

[The entire original message is not included]

More information about the cas mailing list